Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch05.html

  • Size

    6KB

  • MD5

    3fcf6d154888586d11de4809f2851019

  • SHA1

    e586c1f15c028f781ee319d32da31bc3486afd36

  • SHA256

    85fa833e33a6a9a8a05d0f28a90452017dfb6468e177cc4215ef2c3f005b1a6b

  • SHA512

    36f4e263b828146e6ba6e34bc741fe14091029616a14d2899fa793af5dfc3495a627a398d4c5bba732c46b6386509a2a2cd76890a8371803dbfe6034d11ddb2d

  • SSDEEP

    192:nyvOH3tcNSpncXySkKZHoeC2Qa/Q8Cjg4gY3J:nyvOXKYY64HlQmgRJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2680

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ef35bc11c3335a4232b84606fb442ae

    SHA1

    50566f308435be7d909d0cced9ad7d88f309550f

    SHA256

    fe964280803ef4cdf3d67b95698323d8069367388af40e938e9251e7e81bc39c

    SHA512

    7de4c214da00b2643fc9eba28e5d685a194d24650bc23d5c2e1939e370e942ceac53456ef7949f8eb0cdfe31c356215905a7557859b90afd0c3f381f15d8a0a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf3cae8a8fb196856a4f04ae88f4f7f7

    SHA1

    533b03d5a18020f79b4685b2c7fb01b725cb235e

    SHA256

    11842cf3acc2569640fbeeccb3503640e2cc0c54e746aaf384ea31be2b62d7bd

    SHA512

    76411769bbee7bf1f087d5693bfecd1009a55ce721e87dd4beb7c00e4605be6b37eaaa476ac8f109eb8b44ebd0e8706f684aaa5533508d9e2f4e8652bc04788f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c011bb31a0a3031d76c98934bbd489e5

    SHA1

    2069b4a69a847644adf2ce1f500651d6c9a4f24b

    SHA256

    ec6042eb0edd0a41b752a2572292a023d32bbd9a62e469db65b092e571aa388a

    SHA512

    aabb5cedcad6b42c05af6c27b78afe2ae3376c02bfc6e0b91ba0517dd7e128aa8eb4066caefccbc51218e499e7e6dbcc31a7df91bdffc974266e981761881518

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30cc3b5849303bf1263aa68b05e3f35c

    SHA1

    4a6bc8b3deef1e8de583f37bb6599c887605004b

    SHA256

    cd95233e4e0d17bdcaba2aa936b65a8ee7d536b792f9ec06c2d514a63a500cf5

    SHA512

    44446b35a90e77a3c122463045e549f8e0fa8becd16aaabc682038c1d356673aa83fc8d0792b94faa481e2c103f979d964d7218471d814c8275bae2d8ca5cd98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc61f957c90d6a6cdfcd0c44ab6e96bf

    SHA1

    791e5bb343a7fe6ea693892fb8eca8a041a5eda7

    SHA256

    eae2f4ccee98174a83520380dc1f10affa4b6bee9752acca6125c1bd68c55aee

    SHA512

    0603ed0d553f8d11b7d15b749faf7b572e1bf12afa2d5d1af69d6790b74f32e6866e359a7593911ab81450e511145861b412ebac756e1815151c6d05d19bead2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54cf3096934f7021d4e474c4e13a31bd

    SHA1

    91b068de327edc665bffdc8424904ef7a999870d

    SHA256

    854422910576ea4aefa5331c004fbd0a2b2f93f9f87d5c6cbc0fac23e8fef803

    SHA512

    d2eaed38487915183c3f0ecc1e1cad2385320c74c5a5dd0b3f50315910ed002566050f2e92fc41fc7f03f18194f6be5459030675996398913959b0376f50aa07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f57fa8311c85d26b2823cb14c0b1af6b

    SHA1

    6ab2c32386db11e26c2db6ef616f65359ad7d27f

    SHA256

    68e796f5e18ba93a1f033b8f08d6e1c0349c8e68a0fbb95a1ee85f0003d20a39

    SHA512

    75a925dd034a5ba02a7b02d093c6cc149a19ad8d7c610144779fcadd5f75784a0a900017aba63f5f9818ace418b20ddfb8e75484ae628a1ab83005f603d286d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d950568cf882b3c30663b4363d9770b3

    SHA1

    948619acf9cb9357a39947fb1d5c5ed89fade5b5

    SHA256

    1b5e789f114e68b056de1314b544042a863686271da9a66dfeec261a2d0d5534

    SHA512

    d1bc373e47e23853b9de04235b9c2dc7818343ebcb9cb2029b6f075e2a69b61882e5a6ef3c66fcce6e6652379ef2c98f651b411f318caca5955b504ba4599f52

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8DA1.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8E22.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit